f94f70706d0a74197a56d2f6274d5e7ef1cfc0e365606a7a3cba7ef186f619e4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6d60c74944bdfc379f5a8fe0f3ce3230_NeikiAnalytics.exe
Size

12KB
Sample

240523-y4wblsfa63
MD5

6d60c74944bdfc379f5a8fe0f3ce3230
SHA1

b3219bdf82b9f009e6918e233b19e4a5572f605b
SHA256

f94f70706d0a74197a56d2f6274d5e7ef1cfc0e365606a7a3cba7ef186f619e4
SHA512

2da448412c0338f521fba1cb8a6d333f0c4691b52cd65f66ae843a9916b5ff615e4ada9646cd7d12f40b90add6e286ad2bacf491746760216aa81127b13c7b78
SSDEEP

384:2L7li/2zeq2DcEQvdfcJKLTp/NK9xaQM:wmMZQ9cQM

Score

7^/10

Malware Config

Targets

- Target
  
  6d60c74944bdfc379f5a8fe0f3ce3230_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  6d60c74944bdfc379f5a8fe0f3ce3230
- SHA1
  
  b3219bdf82b9f009e6918e233b19e4a5572f605b
- SHA256
  
  f94f70706d0a74197a56d2f6274d5e7ef1cfc0e365606a7a3cba7ef186f619e4
- SHA512
  
  2da448412c0338f521fba1cb8a6d333f0c4691b52cd65f66ae843a9916b5ff615e4ada9646cd7d12f40b90add6e286ad2bacf491746760216aa81127b13c7b78
- SSDEEP
  
  384:2L7li/2zeq2DcEQvdfcJKLTp/NK9xaQM:wmMZQ9cQM
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2